package com.hlg.xboot.web.interceptor;

import com.hlg.xboot.exceptions.ErrorCode;
import com.hlg.xboot.constants.AppConstants;
import com.hlg.xboot.exceptions.ServerBizException;
import org.springframework.http.HttpMethod;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * <p>Description: 前端API Token有效性检查拦截器</p>
 * <p>Copyright: Copyright (c) 2016</p>
 * <p>Company: 中视数讯</p>
 * <p>Site: www.digi-zones.com</p>
 *
 * @author yangxin
 * @version 1.0
 * @date 2016/8/24
 */
@Component
public class APITokenInterceptor extends BaseInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        if (super.preHandle(request, response, handler)) {
            return true;
        }

        if (request.getSession().getAttribute(AppConstants.SESSION_USER) == null) {
            throw new ServerBizException(ErrorCode.API_TOKEN_INVALID);
        }

        return true;
    }

    @Override
    protected void initExcludeUrls() {
        super.initExcludeUrls();
        addExcludeUrl(HttpMethod.POST.name(),"/sys/sysuser/login");
        addExcludeUrl(HttpMethod.POST.name(),"/sys/sysuser/register");
        addExcludeUrl("*","/common", true);

        // --------------移动端用户接口---------------
        addExcludeUrl("*","/mobile/user/login");
        addExcludeUrl("*","/mobile/user/register");
        addExcludeUrl("*","/mobile/user/reset_password");

    }
}
